Diffstat (limited to 'src')
-rw-r--r-- | src/libcharon/sa/keymat.c | 57 | ||||
-rw-r--r-- | src/libcharon/sa/keymat.h | 16 | ||||
-rw-r--r-- | src/libcharon/sa/keymat_v2.c | 57 |
3 files changed, 75 insertions, 55 deletions
diff --git a/src/libcharon/sa/keymat.c b/src/libcharon/sa/keymat.c
index 7b5c95c1a..2fa4423e1 100644
--- a/src/libcharon/sa/keymat.c
+++ b/src/libcharon/sa/keymat.c
@@ -31,3 +31,60 @@ keymat_t *keymat_create(ike_version_t version, bool initiator)
 }
 return NULL;
 }
+
+/**
+ * Implicit key length for an algorithm
+ */
+typedef struct {
+ /** IKEv2 algorithm identifier */
+ int alg;
+ /** key length in bits */
+ int len;
+} keylen_entry_t;
+
+/**
+ * See header.
+ */
+int keymat_get_keylen_encr(encryption_algorithm_t alg)
+{
+ keylen_entry_t map[] = {
+ {ENCR_DES, 64},
+ {ENCR_3DES, 192},
+ };
+ int i;
+
+ for (i = 0; i < countof(map); i++)
+ {
+ if (map[i].alg == alg)
+ {
+ return map[i].len;
+ }
+ }
+ return 0;
+}
+
+/**
+ * See header.
+ */
+int keymat_get_keylen_integ(integrity_algorithm_t alg)
+{
+ keylen_entry_t map[] = {
+ {AUTH_HMAC_MD5_96, 128},
+ {AUTH_HMAC_SHA1_96, 160},
+ {AUTH_HMAC_SHA2_256_96, 256},
+ {AUTH_HMAC_SHA2_256_128, 256},
+ {AUTH_HMAC_SHA2_384_192, 384},
+ {AUTH_HMAC_SHA2_512_256, 512},
+ {AUTH_AES_XCBC_96, 128},
+ };
+ int i;
+
+ for (i = 0; i < countof(map); i++)
+ {
+ if (map[i].alg == alg)
+ {
+ return map[i].len;
+ }
+ }
+ return 0;
+}
diff --git a/src/libcharon/sa/keymat.h b/src/libcharon/sa/keymat.h
index 5860044b6..5395c3776 100644
--- a/src/libcharon/sa/keymat.h
+++ b/src/libcharon/sa/keymat.h
@@ -72,4 +72,20 @@ struct keymat_t {
 */
 keymat_t *keymat_create(ike_version_t version, bool initiator);
 
+/**
+ * Look up the key length of an encryption algorithm.
+ *
+ * @param alg algorithm to get key length for
+ * @return key length in bits
+ */
+int keymat_get_keylen_encr(encryption_algorithm_t alg);
+
+/**
+ * Look up the key length of an integrity algorithm.
+ *
+ * @param alg algorithm to get key length for
+ * @return key length in bits
+ */
+int keymat_get_keylen_integ(integrity_algorithm_t alg);
+
 #endif /** KEYMAT_H_ @}*/
diff --git a/src/libcharon/sa/keymat_v2.c b/src/libcharon/sa/keymat_v2.c
index e8081cba0..aacff0a99 100644
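Review bot: In keymat_get_keylen_encr() and keymat_get_keylen_integ() the table `map` is a plain automatic array, so it is writable and re-initialised on every call, whereas the file-scope tables removed from keymat_v2.c were built once. Declaring it `static const keylen_entry_t map[] = {` in both functions would keep these fixed algorithm-to-key-size tables immutable and, typically, in read-only storage. The two lookup loops are also identical, so a small `static` helper taking the table and its `countof()` would avoid the duplication that the old `lookup_keylen()` did not have.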
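Review bot: The `@return` lines added for keymat_get_keylen_encr() and keymat_get_keylen_integ() say only "key length in bits", but both implementations in keymat.c return 0 when the algorithm is not in their table. Now that the functions are exported from keymat.h, the contract should say so, for example `@return key length in bits, 0 if no key length is defined for the algorithm`, so that a new caller does not hand a zero size to key derivation. The derive_child_keys call sites in keymat_v2.c do test the result for zero, but nothing in the header tells other callers that they must.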
--- a/src/libcharon/sa/keymat_v2.c
+++ b/src/libcharon/sa/keymat_v2.c
@@ -71,59 +71,6 @@ struct private_keymat_v2_t {
 chunk_t skp_verify;
 };
 
-typedef struct keylen_entry_t keylen_entry_t;
-
-/**
- * Implicit key length for an algorithm
- */
-struct keylen_entry_t {
- /** IKEv2 algorithm identifier */
- int algo;
- /** key length in bits */
- int len;
-};
-
-#define END_OF_LIST -1
-
-/**
- * Keylen for encryption algos
- */
-keylen_entry_t keylen_enc[] = {
- {ENCR_DES, 64},
- {ENCR_3DES, 192},
- {END_OF_LIST, 0}
-};
-
-/**
- * Keylen for integrity algos
- */
-keylen_entry_t keylen_int[] = {
- {AUTH_HMAC_MD5_96, 128},
- {AUTH_HMAC_SHA1_96, 160},
- {AUTH_HMAC_SHA2_256_96, 256},
- {AUTH_HMAC_SHA2_256_128, 256},
- {AUTH_HMAC_SHA2_384_192, 384},
- {AUTH_HMAC_SHA2_512_256, 512},
- {AUTH_AES_XCBC_96, 128},
- {END_OF_LIST, 0}
-};
-
-/**
- * Lookup key length of an algorithm
- */
-static int lookup_keylen(keylen_entry_t *list, int algo)
-{
- while (list->algo != END_OF_LIST)
- {
- if (algo == list->algo)
- {
- return list->len;
- }
- list++;
- }
- return 0;
-}
-
 METHOD(keymat_t, create_dh, diffie_hellman_t*,
 private_keymat_v2_t *this, diffie_hellman_group_t group)
 {
@@ -448,7 +395,7 @@ METHOD(keymat_v2_t, derive_child_keys, bool,
 
 if (!enc_size)
 {
- enc_size = lookup_keylen(keylen_enc, enc_alg);
+ enc_size = keymat_get_keylen_encr(enc_alg);
 }
 if (enc_alg != ENCR_NULL && !enc_size)
 {
@@ -490,7 +437,7 @@ METHOD(keymat_v2_t, derive_child_keys, bool,
 
 if (!int_size)
 {
- int_size = lookup_keylen(keylen_int, int_alg);
+ int_size = keymat_get_keylen_integ(int_alg);
 }
 if (!int_size)
 { |